Earlier this week, Microsoft unveiled Interflow, a platform for real-time sharing of information about cyber security threats. It's a great idea, but it raises a question: What kept this from coming along sooner?

In the abstract, the idea's quite wise: a common platform and methodology for getting word out about security issues for all the folks who perform security research and break news about threats. Microsoft describes Interflow as "an engine designed and built for the greater good of the community," so members of Interflow can pass around samples of suspected malware, share info on malicious URLs, and pool their talents in other ways.

Adam Kujawa, head of malware intelligence for antimalware software firm Malwarebytes, spoke highly of the project. "The biggest problem with intelligence sharing is knowing what to do with it," he said in an email. "In specific cases [such as] researchers creating threat profiles on specific targets, those groups can use targeted intelligence to protect users and understand the threats that are out there. In other cases, however, the flow of information is too great and it becomes difficult to discern exactly what is important and what isn't. Microsoft seems to have taken this fact into consideration and allowed for specialized intelligence to be gathered using their Azure cloud technology with plug-ins that gather and output the intelligence in the forms that are most useful to the users."

InfoWorld's Roger Grimes has previously spoken out about the need to share threat data through a common platform, perhaps through a mechanism akin to the threat-sharing data used by retailers. But in his view, "Most companies don't want to give away such telemetry for free. Information is power. When a security company has that information, it's going to be better at protecting us from those threats than we would be on our own."

To Kujawa, an initiative like this hasn't happened sooner because "people who have been running our current tech businesses for so many decades hold the principle of competition close to their hearts." Problem is, they're now faced with enemies that will use that divisiveness against them. "It hasn't happened sooner," he wrote, "because we didn't want to admit it was what needed to happen until now."

While the data formats it uses may be open, Microsoft still holds the leash on the project, which could become a sticking point. Users need a Microsoft Azure subscription to participate in Interflow, if only for Microsoft to keep the threshold for participation respectably high. InfoWorld's J. Peter Bruzzese believes the security community as a whole will have a hard time trusting Microsoft with stewardship of such a project, though the company is in a prime position to support it -- at least, for its own platforms.

Kujawa further notes that having Interflow on Azure isn't just about allowing Microsoft to control the experience; it's also a way for Microsoft to monetize the project in the long term. "Utilization of this service is probably going to be limited to those who can afford it, namely corporations rather than individual users," he wrote.